British researchers have developed an artificial intelligence that can identify keystrokes by their sound signature. They used a smartphone as a microphone, placed near a laptop, and trained the AI by associating the unique sound of each keystroke with the corresponding letter. When entering passwords on a laptop, the AI successfully deciphered the words from the sound of the keystrokes with an accuracy of 95%.
Imagine typing on your laptop, logging into an account or two, while your phone sits silently next to you. The scariest thing is: it may eavesdrop on your every click and tap and provide data to artificial intelligence, which is learning your most private information. While it sounds like something out of a sci-fi thriller, it's closer to reality than we think, highlighting the fine line between AI's benefits and its less-than-perfect quirks.
Using deep learning algorithms, the research team developed a system that can recognize what you are typing based entirely on the sound of your keyboard. The AI, named CoAtNet, was trained using spectrograms that represent the unique sounds each key makes. As a result, just by placing the smartphone 20 centimeters away from the MacBook, the success rate of deciphering the keys can reach 95%.
Dr. Ehsan Toreini, a co-author of the study, said she expects "such models and attacks to become more and more accurate" because most modern smart devices are equipped with microphones. The team also tested their AI over Zoom and Skype calls, with nearly identical accuracy.
However, the current model has some obvious limitations. CoAtNet needs to be customized for each keyboard type because different keyboards will sound different. In the training, we pressed each of the 36 keys on the MacBook (including letters and numbers) 25 times in succession, using different fingers and different pressure levels.
Additionally, it’s difficult for AI to pick up the nuances of the Shift key, so using a mix of upper and lower case letters, numbers, and symbols in your passwords is a good start.
This research is primarily a proof-of-concept and has not yet been used in actual password cracking, nor in real-world settings such as coffee shops, where the noisy environment would make eavesdropping less practical or usable. However, the researchers noted that laptops, which have cookie-cutter keyboards and are often used in public places, are particularly vulnerable to this type of technology. Keyboard modders may find that changing the keyboard's acoustic properties disables the AI, requiring new training of the system.
In this case, though, your best defense may be your old-school password managers, as they can autofill passwords, keeping them safe from this sonic spy. Adding two-factor authentication and biometric options like fingerprint scanning and facial recognition will make things even more airtight.
Ultimately, this research aims to raise awareness of the advanced capabilities of AI algorithms to extract insights from new data types. Acoustic signals are often used in side-channel attacks (such as those involving laser microphones) and can now be analyzed more sophisticatedly through advanced machine learning techniques.